EUVD-2009-3107

Malware in sbrugna...

CVE-2009-3124

Directory traversal vulnerability in getmessage.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. dot dot in the tf parameter...

QuarkMail web2cgi/get_att.cgi 命令执行漏洞

No description provided by source...

QUIK email(QuarkMail)remote command execution vulnerabilities and fixes-vulnerability warning-the black bar safety net

Vulnerability Description: The QUIK e-mail（QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various areas of email solutions, webmail section Using perl cgi to write, but 80sec in their system found a major security vulnerability leads...

QUIK e-mail（QuarkMail latest remote vulnerability-vulnerability warning-the black bar safety net

From: http://www.aaibase.cn/Article/hk/201002/608.html Found by: me Vulnerability Description: The QUIK e-mail（QuarkMail Beijing Xiong Zhi weiye science and Technology Company launched the e-mail system, is widely used in various fields of the email solution该 产品 的 主要 客户 名单...

Directory traversal

Directory traversal vulnerability in getmessage.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. dot dot in the tf parameter...

CVE-2009-3124

Directory traversal vulnerability in getmessage.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. dot dot in the tf parameter...

CVE-2009-3124

Directory traversal vulnerability in getmessage.cgi in QuarkMail allows remote attackers to read arbitrary files via a .. dot dot in the tf parameter...

CVE-2009-3124

CVE-2009-3124 describes a directory traversal vulnerability in QuarkMail's get_message.cgi that allows an attacker to read arbitrary files by injecting a .. in the tf parameter. Multiple connected sources (Red Hat, NVD, CVE records, and related feeds) reiterate that the flaw affects QuarkMail and...

QuarkMail - tf Directory Traversal

QuarkMail - tf Directory Traversal source: https://www.securityfocus.com/bid/44226/info QuarkMail is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could a...

QuarkMail - 'tf' Directory Traversal

source: https://www.securityfocus.com/bid/44226/info QuarkMail is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks...

QuarkMail Local File Inclusion

Securitylab.ir Application Info: Name: QuarkMail Website: http://www.ipmotor.com Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Local File Inclusion Risk: Medium...

快客电邮(QuarkMail)远程命令执行漏洞

快客电邮（QuarkMail）是北京雄智伟业科技公司推出的电子邮件系统，被广泛用于各个领域的电子邮件解决方案，其webmail部分使用perl cgi编写，但是80sec在其系统中发现一个重大的安全漏洞，导致远程用户可以在邮件系统上以当前进程身份执行任意命令，从而进一步控制主机或者系统。 QuarkMail错误地使用perl的open函数以打开文件，实现模板等功能，但是其对用户传入的参数没有做有效的过滤，从而导致一个命令执行漏洞。 登录进入系统之后访问如下URL...